Essential Guide

PCI 3.0 special report: Reviewing the state of payment card compliance

PCI DSS 3.0

PCI DSS 3.0 is the third major iteration of the Payment Card Industry Data Security Standard, a set of policies and procedures administered by the Payment Card Industry Security Standards Council (PCI SSC) to ensure the security of electronic payment data and sensitive authentication data.

Notable new or updated requirements in PCI DSS 3.0 include methodology-based penetration testing to verify the methods used to segment the merchant cardholder data environment (CDE) from other IT infrastructure; an inventory of all hardware and software components within the cardholder data environment; documentation detailing which requirements are managed by third-party vendors vs. which are managed by the organization itself; antimalware detection and remediation processes for systems considered to be not commonly affected by malicious software; physical access controls for onsite personnel; and methods to protect payment data-capture devices from tampering and substitution.

PCI DSS is updated on a three-year cycle; the previous revision was PCI DSS 2.0, released in 2010. The next major revision to the standard is expected to be released in 2016. The standard, created by the major credit card companies in 2004 to foster widespread adoption of consistent data security practices throughout the payment processing ecosystem, consists of introductory information outlining the purpose and scope of the standard; 12 requirements and their associated sub-requirements; and four appendices outlining additional compliance guidance for various special circumstances.
